Who's that cuddling up in the container... *squints* Wow you're getting along well

All's fair in war and cloud

The cloud is a highly competitive arena, where cloud providers jostle for market share. We know of Microsoft's long haul against Amazon’s AWS, but of late Oracle has cranked up the noise against Jeff Bezos' market leader while trying to break past Google and IBM.

And yet, what we imagine to be bitter rivals team up – as when virtualisation giant and aspiring private-cloud provider VMware teamed up with public-cloud leader AWS a year back.

Rivals have also been buddying up in the Cloud Native Computing Foundation (CNCF), which counts all the above – and more – as members.

The CNCF landscape can look cluttered but the situation got even more complex this year when AWS joined the Foundation with proprietary heavyweight Oracle also pitching in.

The CNCF is known for its open source, collaborative view of the world - one that should be antithetical to the adherents of a closed, proprietary system like Amazon and a world that despite supporting with code, Oracle struggles to live with.

'Lambda and serverless is one of the worst forms of proprietary lock-in we've ever seen in the history of humanity'

Is this an example of the closed-source wolf slipping into some open-source sheep’s clothing?

AWS cloud isn’t exactly open source, even though it does run open-source code.

Dan Kohn, CNCF director, talks a great deal about this as the "landscape" - the participating companies, with particular attention paid to the 10 CNCF projects such as Kubernetes and Prometheus.

"We think of this landscape as an unmapped territory,” he told The Reg. “These 10 projects in CNCF are a well lit path. But we’re not saying it’s the only way of getting anywhere.”

But Redmonk analyst Fintan Ryan believes this “landscape” is unhelpful for organisations trying to work out which particular cloud path to go down.

“I know that CNCF makes much of its landscape but I think it’s something that’s complex. When it comes to choosing which product to go with, it’s not necessarily going to be the best product, it’s going to be the company that’s best at packaging software together,” he said.

Deepak Singh, general manager of AWS Container Services, flatly rejects the suggestion that there’s anything contradictory about the company joining the foundation. "It's a myth that AWS is completely closed source," he said. "We view open source as a companion to AWS's business model. We use open source and have built most AWS services on top of open source technology, like MySQL, Linux, Apache Hadoop and Apache Tomcat."

Ryan points to a recent CNCF survey that showed that something like 60 per cent of Kubernetes as running on AWS as to why it's important AWS is onboard.

With those numbers in mind, it's fair to say that the idea that Amazon should not be part of the cloud native landscape is a misguided one - with the dominance that the company has in the public cloud space it should sit readily with the cloud native offerings.

Singh believes AWS will be fully functioning CNCF participant, given cloud has come to be defined by the very characteristics of AWS such as global deployment and elasticity and that AWS has worked with big-name clients like Netflix on best practices and application management.

"We believe that AWS cloud and the term 'cloud native' are synonymous," he told us.

For Oracle, the decision to join is an indication of the direction that the company wants to explore, says Ryan. "Oracle needs to be involved in the whole cloud native space. They want to provide their customers with an on-ramp using Kubernetes that keeps them in the Oracle ecosystem," he says.

"They’ve committed significant resources there and doubled down on developers. It's been a while since they’ve gone after this space. They've made concerted efforts in this, what with the changes to Java EE and it's clear that they’re trying to change perspective."

Oracle reckoned it could bring enterprise experience and experience working with large and complex workloads to the technologies of CNCF such as Kubernetes, Prometheus, gRPC and OpenTracing that its customers are using. "Oracle is cultivating an open container ecosystem built for cloud interoperability, enterprise workloads and performance," Oracle vice president of software development said in a statement at the time.

For many businesses, container management software, Kubernetes is going to be the first port of call. It's the cloud native project that's getting the most traction, creating a new Kubernetes ecosystem. Anyone looking to take the first steps into the cloud native world will, almost certainly be using Kubernetes at some point.

To help the process on the way, the CNCF has just announced the arrival of a new class of partners to propel the technology forward: the Kubernetes Certified Service Providers. As if endorsing Ryan's view that the companies that provide most help will be the ones to win out, the KCSP programme is a tier of vetted service providers that offer Kubernetes support, consulting, professional services and training for potential users.

Kohn and Ryan therefore agree better having AWS and Oracle inside the cloud native tent working together. Ryan points to the fact that the Foundation's board and the projects are structured in a way that will prevent one or a handful of big names dominating this field – a net gain. "You have to remember that the foundation's board and projects are very different. The CNCF board is now quite large with 21 members. And the way that the board is constructed, made up of a number of sub-committees makes it difficult for individual companies to have much of an impact," says Ryan.

Work first

If existing companies want to go down the cloud native route, there’s a good deal of work to be done first. "There is a ton of value in moving to a cloud native style but involves working with an engineering trying to decouple those legacy services," says Kohn.

Many cloud native deployments have been driven by startups, companies that know no other way. But that's not to say that these are the only organisations going down this route."It's nice to think that you're working on greenfield sites but that's not the reality for most people, in reality, there’s a heap of legacy applications to work with."

And there are different ways of tackling this too, depending on the size of the task facing the developers. "Sometimes you need a chisel, sometimes you need a chainsaw," says Kohn.

But these legacy applications can be a long way in the past. For example, CNCF member Ticketmaster, which joined earlier this year, has a PDP-11 emulator running inside a container, an example of the way that ancient technologies can still find a place in the world of containers.

Security? What security?

While users could happily go down a cloud native path, casting aside concerns about the competitive nature, there are still worries hovering in the background. What about security, for example? There have been concerns that going down the container path is less secure. Dan Kohn dismisses such speculation.

“Going cloud native is by far the most secure way of working,” says Kohn, explaining that developers are writing less and less code. “The actual code that you write is less than 20 per cent of an application, and often less than 10 per cent. You take a library and configure it. You need to have a process for updating your library, running automated test suite and quickly deploying it.”

Despite Amazon joining, it’s unlikely AWS will be completely integrated into all the product lines. “If you take monitoring software like Prometheus,” says Kohn. “You can use it to monitor Amazon, but it’s not very granular. Companies will tend to us an internal monitoring app instead of Prometheus.”

Singh counters that Prometheus and other tools sit happily with Amazon. “Customers have been using third party monitoring on AWS for a while now, solutions such as DataDog, New Relic, Sysdig, and others offered by our APN ecosystem. This is nothing new and containers don’t make this any different.”

That’s not to say that there aren’t areas of concern.

One area of cloud native deployment that does need some work is management. While some companies like APM, Splunk and HPE are looking into this and have reasonable offerings, there’s not much choice, which Redmonk’s analyst sees as handicap. “I would say it has slowed the adoption a bit – there’s a lot of concern on the management system. The pace of all this change is very fast – operating in a virtualized and operating in a distributed environment is very different,” Ryan says.

The cloud native is evolving. As the big names have landed at CNCF so the group’s focus has changed: it is no longer seen as the domain of niche players, trying to carve out a new market. The implication is that cloud native services are very much part of the here and now.

And now that the big players are here, yes, expect consolidation but - even more probably - the rise of a new breed of service providers, packaging together cloud native offerings. ®